Authorization (HRM)
Authorization (HRM) defines Raytio's access control model. It covers user roles, role hierarchy, permissions, authorization policies, relationship-based access, and menu visibility.
Authorization (HRM) defines Raytio's access control model. It covers user roles, role hierarchy, permissions, authorization policies, relationship-based access, and menu visibility.
Raytio's authorization model combines role-based permissions, relationship-based access, policy exceptions, and menu visibility. Together these controls determine what a user can do, which records they can access, and which actions appear in the interface.
Raytio allows users to share encrypted data without compromising security. This page explains how the sharing system works — from how data is encrypted for a specific recipient, to how multiple team members can access shared submissions.
Only permitted users may edit an Access Application and view the associated submissions. Organization users must be specifically granted permission to each Access Application.
Permissions define what operations a role can perform on which resource groups. They are the primary mechanism for controlling day-to-day access, determining whether a user can view, create, edit, or delete records in a given business area. The permission system distinguishes between ALL_RECORDS scope (access to every record in the tenant) and OWN_RECORDS scope (access only to records the user owns or that have been shared with them).
The PPM module uses a layered role system that combines tenant-level permissions with project-level roles. This page explains how the roles relate to each other and what each role can do.
You can set the permissions on any of your profile items.